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Abstract 

A comprehensive automation design is being devel- 
oped for Space Station Freedom’s electric power sys- 
tem. A joint effort between NASA’s Office of Aero- 
nautics and Space Technology and NASA’s Office of 
Space Station Freedom, it strives to increase station 
productivity by applying expert systems and conven- 
tional algorithms to automate power system opera- 
tion. An integrated approach to the power system 
command and control problem is defined and used to 
direct technology development in: diagnosis, security 
monitoring and analysis, battery management, and co- 
operative problem-solving for resource allocation. The 
prototype automated power system is developed using 
simulations and test-beds. 

1 Introduction 

The paramount objective for our power system’s oper- 
ation is: to generate and dispatch electric power to the 
loads while maximizing Space Station Freedom’s pro- 
ductivity and without violating any constraints. The 
initial station operation will use dispatchers aided by 
human-interactive computational facilities to perform 
the necessary command and control tasks. These^ 
tasks constitute planning and decision-making activ- 
ities that strive to eliminate unplanned outages. To 
make quality decisions, the dispatchers must have an 
acumen sharpened through years of experience. Space 
Station Freedom will adopt an intensive human com- 
mand and control approach initially, but we perceive 
that in the long run there are opportunities to re- 


duce our reliance upon skilled dispatchers and to make 
faster and more consistent on-line decisions by captur- 
ing this knowledge in expert systems [1]. 

2 Power System Automation 

2.1 Perspective 

The Space Station Freedom’s electric power system 
is a complex subsystem which must be operated in 
concert with other station subsystems and payloads. 
Using automation to decrease the human involvement 
in these operating activities will increase productivity. 

Freedom’s operation itself can be viewed as two in- 
teractive tasks: apportioning the available resources 
among the subsystems and payloads and operating 
those subsystems and payloads. The apportioning 
tasks must insure that station productivity is max- 
imized while the operating tasks insure that station 
integrity is not jeopardized. In the case of the electric 
power system, the apportioning of electric energy di- 
vides among storage and loads. This activity must re- 
serve adequate energy for periods of eclipse, maximize 
experiment productivity, and respond to emergency 
power losses [2], 

Within the electric power system, resource appor- 
tioning and system operation can be accomplished us- 
ing a recognize-act procedure. The recognition part 
acquires data and then classifies the quality of the op- 
erating state and its performance status using sub- 
system functional knowledge and diagnostic ability. 
The action part of the procedure apportions the elec- 
tric resource and dispatches it through the distribu- 
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tion network using value judgment and apportioning 
knowledge. The recognize-act procedure is repeated 
whenever new data requires new action. This proce- 
dural paradigm requires technology development and 
demonstration in five areas of knowledge [1]: 

• Detection and Classification: This area ap- 
plies discriminative knowledge to convert quanti- 
tative state data into qualitative classifications of 
operating behavior. 

• Diagnosis: This area applies diagnostic knowl- 
edge to determine the cause of failures. 

• Forecasting: This area applies predictive knowl- 
edge to determine degradation patterns that pre- 
cede equipment failures and to predict the remain- 
ing system performance after component failures. 

• Planning and Scheduling: This area applies 
apportioning knowledge to allocate the electric 
power resource. 

• Integration of Knowledge-based and Con- 
ventional Automation: This area applies 

problem-solving knowledge to coordinate and fo- 
cus both algorithmic and knowledge-based prob- 
lem solving activities. 

To develop technology for these knowledge areas, we 
have embarked on an aggressive prototype design and 
demonstration program. The project is jointly funded 
by NASA’s Office of Aeronautics and Space Technol- 
ogy and NASA’s Office of Space Station Freedom. 

2.2 Automation Architecture 

Because electrical power system management is a ma- 
ture terrestrial discipline, tried and true operating 
philosophies and techniques exist that can be applied 
directly to Space Station Freedom. We believe that 
this is prudent and have defined Freedom’s power sys- 
tem’s operation using electric utility practices and pro- 
cedures as the motif. In the terrestrial power systems, 
algorithmic decision aids are used by experienced dis- 
patchers to guide their command and control consid- 
erations [1]. We propose to augment this approach by 
developing expert systems to direct the analyses and 
to integrate the results into oversight decisions. The 
gist is to perform a closed-loop command and control 
function using several specialized expert systems to 
perform diagnosis, security analysis, and overall coor- 
dination; and to use conventional algorithms for power 
scheduling. We also include a paraphrase of the Oper- 


ations Management Application software (OMA) 1 to 
investigate interactions within the hierarchical archi- 
tecture proposed for Freedom’s baseline design. To de- 
velop and demonstrate our automation design we will 
use the Lewis Space Station Freedom Electric Power 
Test-bed and real-time simulations. 

The command and control cycle, shown in Figure 1, 
begins with a sample of data from the electric power 
simulation. This data is processed by expert systems 
that recognize and classify the operating state of the 
power system and then proceed to perform specialized 
tasks based upon the results of the classification cycle. 
These expert systems perform two basic functions: 1.) 
system security monitoring and analysis and 2.) fail- 
ure cause diagnosis. 

The security monitoring and analysis software as- 
sesses the current operating state of the power system 
and analyzes the overload risk from possible failure 
modes. The system is judged secure if there are no 
contingencies that result in an emergency situation. 
Otherwise, insecure operating conditions are ranked in 
decreasing order of consequences and translated into 
constraints upon the scheduling and distribution of 
power. 

The diagnosis software determines the most likely 
cause of abnormal operation. Like the security anal- 
ysis software, it too generates constraints upon the 
scheduling and distribution of electric power. 

Imperatives and correlative data are provided from 
the Operations Management Application software. 
This communique consists of the strategic commands 
for power system operation and pertinent global infor- 
mation. Since we have proposed a hierarchical, coop- 
erative, problem-solving environment, this data is part 
of a bargaining transaction among the Station’s re- 
source consumers, their suppliers, and the operations 
executive — not unilateral commands directed to low- 
level power control functions. This emphasizes the 
OMA’s role as a manager and coordinator and mini- 
mizes its role as an autocrat. These OMA requests are 
translated into constraints on scheduling and overall 
operation. 

The Arbiter expert system software coordinates the 
Operations Management Application software’s re- 
quests, security analysis results, and diagnostic con- 
clusions by specifying appropriate system operating 
constraints and electrical loads to a scheduling algo- 
rithm. The Arbiter software also determines which 
schedule and operating plan is to be used given the 
current state of the power system’s operation. This 
current plan is used to operate the electric power sys- 

*The OMA software— part of the computerized Operations 
Management System — performs the automated coordination of 
Freedom’s systems and payloads [3j. 
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Figure 1: Automation Architecture 


tern simulation. 

The Scheduler software finds power profiles that 
maximize productivity and that satisfy the operating 
constraints stipulated by the Arbiter expert system. 
The resulting power dispatching schedules repose in 
memory (plans) awaiting selection by the arbitration 
software. 

3 Design and Development 

3.1 Software for Security Monitoring 
and Analysis 

Many competent algorithms exist for the monitoring 
and analysis of operating security. The monitoring 
task consists of taking measured values of power at 
a few critical locations and taking the distribution 
network’s topology to calculate all remaining voltages 
and currents. These parameters are then compared 
to the tolerances for line over-current, over-voltage, 
and under- voltage to produce a classification of either 
normal or emergency operation. The security analy- 


sis task is similar. Known transmission line, generator, 
and load disturbances are superimposed upon the cur- 
rent operating conditions and analyzed to predict op- 
erating tolerances for contingencies [1]. The workhorse 
tool for the monitoring and analysis is the fast, de- 
coupled load-flow algorithm [4] which is used to solve 
for the voltages, currents and operating margins. We 
are concerned that the conventional approach to secu- 
rity monitoring and analysis will impose an extreme 
computational work load upon Freedom’s power con- 
trol computer— -so much so that our power system will 
forgo security monitoring and analysis. Our only ini- 
tiative has been with Case Western Reserve University 
in 1988 to apply artificial neural networks to the se- 
curity monitoring task. The results are encouraging. 
A competent security monitor using artificial neural 
networks can “recall” the same operating margins as 
calculated by fast, decoupled load- flow in about Yq^ooo 
of the processing time [5]. 
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3.2 Software for Diagnosis 

Two expert systems are being developed for the diag- 
nosis function: 

The first, APEX, has been developed in KEE 2 for 
use with 20kHz. switchgear. It is a rule-based expert 
system that uses antecedent driven logic for generat- 
ing failure hypotheses (fault detection) and consequent 
driven logic for deducing the most likely hypothesis 
(fault isolation). An explanation facility is used to 
justify the failure cause. The APEX software can ac- 
commodate both static and temporal data. Temporal 
data is used to identify incipient failures, the detec- 
tion of which is based on linear regression and corre- 
lation analysis. The algorithm finds “soft” failures by 
detecting graceful degradation in system performance 
and augments this with rules which isolate the cause 
of the degradation. APEX is thus capable of detect- 
ing anomalies such as: insulation breakdown in trans- 
formers, contact depletion in mechanical switches, and 
thermal conductivity degradation in power semicon- 
ductors. The APEX software also provides postdiag- 
nostic recommendations, i.e., actions needed to recover 
from a particular type of failure [6, 8]. 

Several interfaces have been added to the APEX 
software: a graphic data display provides a human 
interface, a test-bed data acquisition interface and a 
power scheduler interface provide access to their re- 
spective systems. The APEX system is now able to 
replan power distribution after diagnosing the failure 
cause on its power system test-bed. Pertinent data 
values from the test-bed hardware are asserted into 
APEX’s knowledge base. For the incipient fault detec- 
tion, the values are stored in a first-in first-out table 
that contains the last 200 values for each test-bed mea- 
surement. The automated scheduler produces an opti- 
mum load profile and activates the antecedent driven 
failure detection to find deviations from the optimum 
plan [7]. 

The second diagnostic expert system, TROUBLE 
III, is being developed in ART 3 for use with the photo- 
voltaic generation and nickel-hydrogen battery storage 
systems. It is an expert system that uses set-covering 
rather than a series of if-then rules to encode the fail- 
ure knowledge [9]. In this software, a data base linking 
all known system failures to their known symptoms is 
built and searched to generate the failure cause hy- 
potheses for observed symptoms. Antecedent driven 
rules control hypothesis generation and determine the 
most likely cause. Nonmonatonic inference is imple- 
mented using reasoned assumptions [10], and rule con- 
flicts are identified and resolved using Petri net tran- 

2 ©InfcelliCorp, Inc. 

3 ©Inference Corp. 


sitions [11, 12]. The failure knowledge, however, is 
stored as data and is easily maintained. TROUBLE 
III uses a standard reliability analysis tool — the failure 
modes and effects analysis — to produce the symptom 
and failure data base [13]. Symptoms are detected us- 
ing rule-based classifiers which process static system 
measurements. 

3.3 The Arbiter 

3.3.1 Software for Coordination 

The coordination of the diagnostic, scheduling, and 
plan execution tasks is implemented in the Arbiter 
expert system. This software must make the power 
system’s tactical operating decisions. For example, it 
must take a failure's cause from the diagnosis software; 
search the list of plans to find whether or not one ex- 
ists for this contingency and implement it. If there is 
no contingency plan, then Arbiter must estimate the 
failure's impact on power generation, storage, or dis- 
tribution and negotiate through the OMA with the 
power consumers to prepare a new operating plan. To 
maximize secure operations, it must prepare contin- 
gency plans (by negotiating with the consumers) for 
each of the risky failure modes evaluated with the se- 
curity analysis software (Section 3.1). Our develop- 
ment plan for the Arbiter software is to bring auto- 
mated security monitoring and analysis, failure-cause 
diagnosis, and scheduling products together in a rapid 
prototyping environment; to discover through experi- 
mentation with these products cardinal decision situ- 
ations and their corresponding tactics; and to capture 
this situation-response knowledge in an expert system. 

3.3.2 Software for Scheduling 

Automating Freedom’s resource apportioning task 
(Section 2.1) is most challenging. To achieve an 
acceptable allocation of power requires cooperative 
problem- solving among subsystems, payloads, and the 
Operations Management Application software to max- 
imize productivity. The decisions that are made to 
schedule power must take into account the preferences 
of the power users, the constraints of the power system 
operation, and the overall productivity of the power 
schedule. We have been experimenting with a concept 
for interaction among the OMA, the subsystems, and 
the payloads which will produce decentralized, auto- 
mated resource scheduling and which will reduce in- 
formation transfer. 

Space Station Freedom’s functional agents can be 
organized into three categories: 1.) the operations 
management agent — the top-level project manager, 2.) 
resource managing agents — those which supply basic 
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resources throughout the station, and 3.) resource re- 
questing agents — those who plan to use the resources 
to perform other functions. With our concept, each 
agent is allowed to make all the decisions about con- 
trolling any of the activities under his purview. Re- 
source requesting agents will plan activities according 
to what is considered an acceptable discharge of their 
functional responsibility. These activities, in turn, will 
require resources to be supplied by the resource man- 
aging agents who must organize to support the activ- 
ities of all of the consumers. This conceptualization 
yields the following desiderata: 

1. A two-level hierarchy. Decision-making agents or- 
ganized by function who either plan what is to 
be done or who manage the required resources 
constitute the bottom level. An operations man- 
agement agent who integrates the decisions and 
resolves deadlocks constitutes the top level. 

2. Explicit value systems. Decision-making agents 
use cardinal measures of preference for trade-offs 
among different resource consumption tasks to 
maximize station productivity and to preserve eq- 
uity among the consumers. 

3. Local constraints. Resource supplying agents 
schedule demands using only the constraints in 
their own subsystem. Resource requesting agents 
plan activities that do not violate any of their op- 
erating constraints. 

To automate these distributed activities, schedul- 
ing software is being developed which uses a free- 
market economic model to coordinate the bidding for 
resources. This free-market model provides a time- 
dependent pricing mechanism that ensures a balance 
between supply and demand. First, the operations 
management agent acting as a free-market coordina- 
tor postulates trial prices for all resources and estab- 
lishes a group value function for each consumer. Next, 
the resource consumers produce a time profile of re- 
source consumption that maximizes the difference be- 
tween their task’s value and its resource costs. Finally, 
the resource managing agents poll the requesters, es- 
tablish an integrated usage profile, and quote the fair 
price they would charge to supply this demand. The 
free-market coordinator compares the fair prices with 
the initial trial prices and establishes a new set of trial 
prices. The bidding cycle is repeated until the fair 
price quoted by the resource supplying agents matches 
the trial price [14]. 


3.3,3 Software for Battery Management 

A battery management expert system is being de- 
signed which will extend battery life without sacrific- 
ing load scheduling flexibility. This system will per- 
form life prediction and state-of-charge estimation by 
compiling and analyzing trends in battery data. Us- 
ing this information, the battery management software 
will synthesize charging and discharging power versus 
time profiles that maximize battery life. The preferred 
charging and discharging profiles will be used by the 
Arbiter coordination software (Section 3.3.1) during 
the interactive resource scheduling described in Sec- 
tion 3.3.2. The Arbiter will adjust the fair price based 
upon the battery’s life as well as upon its charge. 

3.4 Test-beds and Simulations 

Two development paths are being pursued: The first 
uses the APEX switchgear diagnostic system and a 
zero-one, constrained optimization scheduling algo- 
rithm to produce load shedding or reconfiguration 
commands for a small 20k HZ test-bed. This test-bed 
(known as the 20kHz Brass Board) contains several 
pieces of switchgear and a network of microprocessors 
for gathering data and commanding the switchgear 
[8]. The objectives are: to demonstrate switchgear 
failure detection and diagnosis, to explore coopera- 
tive problem solving between planning and diagnos- 
tic systems, and to determine the difficulty of inte- 
grating a LISP-based development computer with an 
Ada-implemented distributed control system. This in- 
formation will be used to guide the integration of our 
automation products into the Space Station Freedom 
Power System Test-bed. 

The second development path uses simulations of 
the resource consumers and producers to create an 
experimental environment in which to bargain for re- 
sources. Enough payloads and resource producing sub- 
systems will be modeled to identify the intensity of the 
communications. We intend to incorporate the Space 
Station Freedom Electric Power Test-bed into the sim- 
ulation environment to verify that the automation de- 
signs are competent for real hardware. This corrob- 
oration of simulation-based findings will use as much 
power system hardware and software as practicable. 

4 Postlude 

The high cost of the initial space station is a major 
issue. A strong justification for any new technological 
alternative is needed if it is to secure a berth aboard 
Freedom [2]. Our objective is to design a compe- 
tent, highly-automated electric power system that will 
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quickly amortize its development expense and yield 
the dividend of increased productivity for the balance 
of Freedom’s life. We believe that prudently inte- 
grating expert systems with conventional algorithms 
will significantly reduce Freedom’s operating costs and 
that this benefit warrants our investigations. Our ap- 
proach will reduce the ground crew needed to man- 
age power system operation, reduce the station crew’s 
time used to support ground-based command and con- 
trol activities, and will reduce the amount of extra- 
vehicular-activity required for maintenance and repair. 

Our first challenge is to develop a prototype. Sec- 
ond, we must determine our prototype’s effectiveness 
as an alternative to Freedom’s baseline design. Fi- 
nally, we must ascertain its development costs. We 
will begin by: 

1. Identifying “hooks” and “scars” for automation 
application and growth. 

2. Substantiating the readiness of knowledge-based 
automation technologies for application aboard 
Space Station Freedom. 

3. Defining the solution for cooperative problem-, 
solving among the power system, other resource 
producing subsystems, OMA, and payloads. 

Only through concerted evaluations will we provide 
the rationale for flying a productive, high technology 
power system aboard Space Station Freedom. 
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